This documentation relates to an earlier version of OpenDNSSEC.
The documentation for the latest release is available at the current documentation home.

Skip to end of metadata
Go to start of metadata

This page describes the key stages in getting up and running with OpenDNSSEC.

Experts can dive into the Basic Steps of setting up the system.

More detailed information on various elements of OpenDNSSEC is also listed including an overview of how OpenDNSSEC works.

Resources such as FAQ and reporting BUGS are also available.

On this Page

Basics Steps


Describes how you install OpenDNSSEC from source. It also gives some hints on how you can choose your hardware set-up to match your zone signing requirements.


The next step after installation is to configure OpenDNSSEC. Remember that you also need an HSM with the PKCS#11 API.

Running OpenDNSSEC

With the software installed and configured, it is time to start using the system. Adding/removing zones, rolling keys, etc.

Command utilities

The software package comes with a number of command line tools.

More Details....


Read an overview of how OpenDNSSEC works.

Key states

OpenDNSSEC maintains different key states.

Migrating to OpenDNSSEC

It is possible to migrate a DNSSEC signed zone over to OpenDNSSEC, while keeping it secure.

Hardware Security Modules

Read about HSM and the OpenDNSSEC implementation of a soft HSM - SoftHSM.



This chapter describes some troubleshooting tips and experiences.


This chapter describes some frequently asked questions from the users.

Reporting bugs

If you encounter any bugs: Reporting Bugs

  • No labels